Late last year, I wrote about how the GDPR almost ruined Christmas in one German town, where it was determined that the annual tradition of kids putting their wishes on a tree in the center of town (to be fulfilled by local town officials) would violate the GDPR. Some people did figure out a "workaround" involving some pointless bureaucracy in getting parents to first sign "consent" forms to allow the town to do the same thing they've always done for years without a problem.
However, now we have another story of the GDPR ruining another Christmas tradition in a different way. This tradition? Taking back the awful presents people give you that you don't actually want. At least some retailers are telling people that doing so under the GDPR requires them to inform the original purchaser that you really didn't like their gift:
While the pilgrimage to take back garish jumpers and superfluous socks is a new year's tradition as familiar as taking down the Christmas tree, data rules now oblige internet retailers to tell a buyer when an item they have bought is returned - regardless of whether it was a gift.
In some cases, companies are warning customers that they should inform the gift-giver themselves that they are making the return - before the company has to let them know.
In one instant, a father returning a child's coat to Boden was told that the original buyer would be informed 'due to data protection regulations'.
I'm sure some can try to spin this as a way of forcing people to be a bit more honest about not liking the awful sweater their dear old aunt bought them for the holidays, but, really... how exactly is this protecting anyone's "data"? If anything, it seems to be violating more people's privacy in revealing what they do with the crap presents they never wanted in the first place.
The article notes that not all retailers are doing this, but it does appear many believe it's necessary:
Eleven of the 30 retailers approached by The Mail on Sunday said they would have to inform buyers if gifts they had bought were returned.
The article does quote some "data protection" officials saying that retailers don't need to do this, but at the very least it highlights the same thing we keep pointing out about the GDPR and other attempts to regulate the internet. When these grand sweeping regulations are written in ways that are so vague and broad -- with such massive punishment for getting things wrong -- no one should be surprised when the end result is utterly ridiculous.